algorithms cryptography and protocols
play

Algorithms, cryptography and protocols DONT EVER ROLL YOUR OWN - PowerPoint PPT Presentation

Dec 10, 2022 •189 likes •1.01k views

Algorithms, cryptography and protocols DONT EVER ROLL YOUR OWN PROTOCOL, CRYPTO ALGO, CRYPTO Use this space to add an image. IMPLEMENTATION, OR CRYPTO RNG Insert an image and change the scale to cover this box. ALSO, KEY MANAGEMENT IS

  1. Algorithms, cryptography and protocols DON’T EVER ROLL YOUR OWN PROTOCOL, CRYPTO ALGO, CRYPTO Use this space to add an image. IMPLEMENTATION, OR CRYPTO RNG Insert an image and change the scale to cover this box. ALSO, KEY MANAGEMENT IS VERY VERY HARD 1

  2. Who? Kate Pearce - Head of Security at Trade Me (@secvalve) I work to ensure that the data Trade Me holds for our customers, and the services it provides them, are trusted, trustworthy, and trusty (resilient). Trade Me Multiple millions of Trade Me and its systems are incredibly prevalent in New accounts in a country Zealand: of 4.8 Million ● Marketplace (Auctions, listing goods new & secondhand) (~around 1M under ● Motors (New and used car listings) age 18) ● Property (Rental, Purchase, & Commercial) ● Jobs (Job Listings) ● Payments (Credit Card Processor) > 2 Million Daily ● Holiday Houses interactions ● Dating Trade Me has unparallelled Brand Presence in New Zealand, and the vast majority of New Zealand’s adult population in our systems. @Secvalve -- 2

  3. 3 CCSA, https://m.flikr.com/#/photos/4nitsirk

  4. 1. Principles & Use this space to add an image. Goals Insert an image and change the scale to cover this box. 2. Building Blocks 3. Protocols Security.ac.nz -- @secvalve - -4

  5. tldr; DO Use Public DO NOT Roll-your-own CONCENTRATE ON Key Algorithms Algo/Function Distribution DO NOT Roll-your-own CONCENTRATE ON Key DO Use Public Protocols Protocol Management DO NOT Roll-your-own DO Use Secure PRNG for PRNG OR Use a Keys non-secure PRNG DO Use a Secure DO NOT Implement your Implementation own DO Use Recommended DO NOT Use Bad, Weak, Cipher Suites or Null Suites DO NOT Hash Secrets DO Use Slow Algorithms with simple or fast and Salt Secret Hashes hashes Security.ac.nz -- @secvalve - -5

  6. This Presentation ● Is aiming at the key things people make mistakes with ● Is not going deep into details ○ Will not tell you which tech or configuration to use ● May have errors because cryptography is hard to do well Security.ac.nz -- @secvalve - -6

  7. Principles & Goals Security.ac.nz -- @secvalve - -7

  8. Protocols - 3 way handshake Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -8

  9. Principles - 3 Way handshake Hello, shall we talk? Sure, still good to talk? Yep! ….*starts talking* *talking intensifies* Security.ac.nz -- @secvalve - -9

  10. Principles - 3 Way handshake SYN SYN ACK ACK ACK ACK ACK ACK ACK ACK Security.ac.nz -- @secvalve - -10

  11. Cryptography Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -11

  12. Principles Cryptography Security.ac.nz -- @secvalve - -12

  13. Principles Cryptography Security.ac.nz -- @secvalve - -13

  14. Principles Secret Writing Cryptography Security.ac.nz -- @secvalve - -14

  15. Principles Cryptography is Control Cryptography is Economics Cryptography is Openness Kerckhoffs's Principle - “A cryptosystem should be secure even if everything about the system, except the key, is public knowledge.” Shannon’s Maxim - “The enemy knows the system” Security.ac.nz -- @secvalve - -15

  16. Cryptography Goals Confidentiality - Privacy Authenticity - Sender Integrity - Message Security.ac.nz -- @secvalve - -16

  17. Primitives, and Building Blocks Security.ac.nz -- @secvalve - -17

  18. Some Key Primitives (and components) Not going over all this in detail Public and Symmetric Private Message Keys Hashes Integrity Keys Codes Pseudo Random Trapdoor (one-way) Keys Number XOR S-BOX Function Generator (PRNG) Security.ac.nz -- @secvalve - -18

  19. Symmetric Encryption Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -19

  20. Symmetric Cryptography Encryption ABCDEF W8$fd3 Cipher (Plaintext) (Ciphertext) Key BCDEFG X = 1 ABCDEF NOPQRS ROT(X) X = 13 X = 17 RSTUVW Security.ac.nz -- @secvalve - -20

  21. Symmetric Cryptography BCDEFG X = 1 NOPQRS X = 13 ROT(X) ABCDEF X = 17 RSTUVW Key Decryption W8$fd3 ABCDEF (Plaintext) Cipher (Ciphertext) Security.ac.nz -- @secvalve - -21

  22. Symmetric Cryptography Encryption ABCDEF W8$fd3 Cipher (Plaintext) (Ciphertext) Key Decryption W8$fd3 ABCDEF (Plaintext) Cipher (Ciphertext) Security.ac.nz -- @secvalve - -22

  23. Hashing and Trapdoor Functions Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -23

  24. Hashing and Trapdoor Functions Is this the same? Security.ac.nz -- @secvalve - -24

  25. Hashing and Trapdoor Functions They had a red shirt Security.ac.nz -- @secvalve - -25

  26. Hashing and Trapdoor Functions The number has a remainder of 1 when divided by 2 Security.ac.nz -- @secvalve - -26

  27. Hashing and Trapdoor Functions The number has a remainder of 5 when divided by 15 Security.ac.nz -- @secvalve - -27

  28. Hashing and Trapdoor Functions The number has a remainder of 11 when divided by 73 Security.ac.nz -- @secvalve - -28

  29. Hashing and Trapdoor Functions They had a red shirt And green gumboots And a lot of hair And mittens And were a cat Security.ac.nz -- @secvalve - -29

  30. Hashing and Trapdoor Functions Hashing SA#2KH ABCDEF gfh@f*2 Hash (Plaintext) (Hash) Security.ac.nz -- @secvalve - -30

  31. Hashing and Trapdoor Functions Hashing cannot go the other way, as information is lost Red Shirt? Security.ac.nz -- @secvalve - -31

  32. Hashing and Trapdoor Functions Hashing cannot go the other way, as information is lost But it may tell you enough to be confident something is the same to the hashed thing Security.ac.nz -- @secvalve - -32

  33. Hashing and Trapdoor Functions Hashing can be used to verify authenticity Message A X Message b Hash(Msg A Message must A + MsgB) have come after Message C Hash(Msg those it signs B + MsgC) Message D Hash(Msg A past message cannot C + MsgD) be altered without Message e Hash(Msg breaking the later hashes D + MsgE) Security.ac.nz -- @secvalve - -33

  34. Asymmetric Encryption Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -34

  35. Asymmetric Encryption? We can gain security from with operations that are vastly more difficult to reverse without some useful information Security.ac.nz -- @secvalve - -35

  36. Asymmetric Encryption? We can gain security from with operations that are vastly more difficult to reverse without some useful information Security.ac.nz -- @secvalve - -36

  37. Asymmetric Encryption? We can gain security from with operations that are vastly more difficult to reverse without some useful information Go through the hidden trapdoor activated by the statue’s eye Or, in mathematics: factoring numbers Security.ac.nz -- @secvalve - -37

  38. Asymmetric Encryption? How do we protect our communications if we’ve never met? How do we share a key without observers being able to use it? With Public-Key Cryptography Security.ac.nz -- @secvalve - -38

  39. Asymmetric Cryptography PRIVATE PUBLIC KEY KEY PRIVATE NEEDS TO BE SHARED NEVER SHARED EVER Shared PUBLICLY PRIVATE NEEDS TO BE SHARED Security.ac.nz -- @secvalve - -39

  40. Asymmetric Cryptography K = ABC PRIVATE $(*2e4d RSA(k) DEF KEY K = PUBLIC KEY ABC RSA(k) DEF Security.ac.nz -- @secvalve - -40

  41. Asymmetric Cryptography K = ABC PRIVATE $(*2e4d RSA(k) DEF KEY K = PUBLIC ABC RSA(k) KEY DEF Security.ac.nz -- @secvalve - -41

  42. Asymmetric Cryptography SO WHAT? We now know: - If something is encrypted with a Public Key it can only be read with the corresponding private key - If something decrypts with a Public Key it was encrypted with the corresponding private key Now each party has a way to communicate to the other party secretly. Security.ac.nz -- @secvalve - -42

  43. Asymmetric Cryptography Now each party has a way to communicate to the other party secretly. Example: (NOT HOW Diffie-Hellman Key Exchange WORKS) 1. BOTH Publicly: Let’s use our a common word “peregrine” 2. Alice sends a message [encrypted with Bob’s public Key] to use the secret word “ Opossum ” a. Only Bob can read this 3. Bob sends Alice a message [encrypted with his private key and then her public key] and then his to use the secret word “ WeaselSquawk ” a. Only Bob can have sent this, Only Alice can read it They now have a key to use for symmetric encryption: peregrineOpossumWeaselSquawk Security.ac.nz -- @secvalve - -43 Exercise: Find the vulnerability in this method (Hint: how does Bob Auth Alice?)

  44. Asymmetric Cryptography Why not use Public-private cryptography all the time? It is thousands of times more computationally intensive (And key reuse should be avoided) Security.ac.nz -- @secvalve - -44

  45. Signing and Message Integrity Codes Use this space to add an image. Insert an image and change the scale to cover this box. Security.ac.nz -- @secvalve - -45

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and

Introduction to Cryptography Summarized from Applied Cryptography, Protocols, Algorithms, and Source Code in C , 2nd. Edition, Bruce Schneier, John Wiley & Sons, Inc. Outline Cryptographic Protocols Introduction Introduction

759 views • 45 slides
15-853:Algorithms in the Real World Cryptography #2 15-853 Page 1 Cryptography Outline

15-853:Algorithms in the Real World Cryptography #2 15-853 Page 1 Cryptography Outline

15-853:Algorithms in the Real World Cryptography #2 15-853 Page 1 Cryptography Outline Introduction: terminology, cryptanalysis, security Private-Key Algorithms: Rijndael, DES Number Theory Groups Public-Key Algorithms: RSA, ElGamal,

525 views • 26 slides
Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU

Privacy Preserving Protocols Privacy Preserving Protocols Workshop on Cryptography for the Internet of Things Jens Hermans KU Leuven - COSIC 20 November 2012 Privacy Preserving Protocols Introduction Cryptography in Daily Life RFID Privacy

1.04k views • 60 slides
Security Protocols Key Establishment, Chapter 13 of Understanding Cryptography by Paar

Security Protocols Key Establishment, Chapter 13 of Understanding Cryptography by Paar

References Introduction to Cryptography Security Protocols Key Establishment, Chapter 13 of Understanding Cryptography by Paar & Pelzl Wide Mouth Frog Protocol from Wikipedia Jim Royer

281 views • 9 slides
Outline Security Protocols Societal issues and cryptography CS 239 Key recovery

Outline Security Protocols Societal issues and cryptography CS 239 Key recovery

Outline Security Protocols Societal issues and cryptography CS 239 Key recovery cryptosystems Computer Security Designing secure protocols February 10, 2003 Basic protocols Key exchange Lecture 8 Lecture 8 Page 1 Page

148 views • 10 slides
Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric cryptography CS 239 Asymmetric cryptography Computer Security February 5, 2003 Lecture 7 Lecture 7 Page 1 Page 2 CS 239, Winter 2003 CS 239,

263 views • 11 slides
Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric

Outline Cryptography and Encryption Uses of cryptography Algorithms Symmetric cryptography CS 239 Asymmetric cryptography Computer Security January 26, 2005 Lecture 5 Lecture 5 Page 1 Page 2 CS 239, Winter 2005 CS 239,

321 views • 13 slides
Verifying Security Protocols and their Implementations Information Security and Cryptography

Verifying Security Protocols and their Implementations Information Security and Cryptography

Verifying Security Protocols and their Implementations Information Security and Cryptography Reading Group Presenter: C t lin Hri cu References Verified Interoperable Implementations of Security Protocols. Karthikeyan Bhargavan,

922 views • 70 slides
Modeling and verification of security protocols Part I: Basics of cryptography and introduction to

Modeling and verification of security protocols Part I: Basics of cryptography and introduction to

Modeling and verification of security protocols Part I: Basics of cryptography and introduction to security protocols Dresden University of Technology Martin Pitt martin@piware.de Paper and slides available at http://www.piware.de/docs.shtml

549 views • 33 slides
Whats the worst that could happen? Eric Rescorla RTFM, Inc. DIMACS Workshop on Cryptography:

Whats the worst that could happen? Eric Rescorla RTFM, Inc. DIMACS Workshop on Cryptography:

Whats the worst that could happen? Eric Rescorla RTFM, Inc. DIMACS Workshop on Cryptography: Theory Meets Practice Overview Cryptography alone doesnt do much Real systems combine primitives into protocols Protocols treat primitives

630 views • 39 slides
Algorithms for Public Key Cryptography Eli Biham - May 3, 2005 c 408 Algorithms for Public

Algorithms for Public Key Cryptography Eli Biham - May 3, 2005 c 408 Algorithms for Public

Algorithms for Public Key Cryptography Eli Biham - May 3, 2005 c 408 Algorithms for Public Key Cryptography (15) Computing Square Roots Modulo a Prime We have already seen how to compute square roots modulo primes of the form p = 4 k + 3:

932 views • 34 slides
APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION

APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION

APPLIED CRYPTOGRAPHY: FROM ALGORITHMS TO LIBRARIES @ABSTRACTJ GOAL OF THIS PRESENTATION ALGORITHMS An algorithm must be seen to be believed. Donald E. Knuth THIS TALK IS NOT ABOUT ALGORITHMS, ONLY SECURITY the state of being

1.03k views • 74 slides
Encryption and Network Security Cryptography is widely used to protect networks Relies on

Encryption and Network Security Cryptography is widely used to protect networks Relies on

Encryption and Network Security Cryptography is widely used to protect networks Relies on encryption algorithms and protocols discussed previously Can be applied at different places in the network stack With different effects and

525 views • 21 slides
Security Protocols Security protocols are the intellectual core of security engineering

Security Protocols Security protocols are the intellectual core of security engineering

Security Protocols Security protocols are the intellectual core of security engineering They are where cryptography and system mechanisms meet They allow trust to be taken from where it exists to where it s needed But they are

941 views • 67 slides
Cryptography for software engineers: Protocols

Cryptography for software engineers: Protocols

Cryptography for software engineers: Protocols KATHOLIEKE

476 views • 43 slides
Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir

Fundamentals of Cryptography: Algorithms, and Security Services Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Cryptography: Theory and Practice, Douglas Stinson, Chapman & Hall/CRC Network Security: Private

711 views • 56 slides
Securing the connected world Security acceleration for cloud computing/data centers Company

Securing the connected world Security acceleration for cloud computing/data centers Company

Securing the connected world Security acceleration for cloud computing/data centers Company history 1991: Founded as ASIC design house in Louvain-la-Neuve, Belgium 1995: Becomes part of the Barco group. 1999: 1st SoC development for

189 views • 14 slides
Protection and Security - II Encrypts a block of data at a time (64 bit messages, with 56 bit

Protection and Security - II Encrypts a block of data at a time (64 bit messages, with 56 bit

CSC 4103 - Operating Systems Symmetric Encryption Spring 2007 Same key used to encrypt and decrypt E ( k ) can be derived from D ( k ), and vice versa Lecture - XXI DES is most commonly used symmetric block-encryption algorithm

496 views • 4 slides
Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020

Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020

Applied Cryptography (Pt. 1) Engineering Secure Software Last Revised: October 13, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Networks, Cryptography, and You Most application developers Dont implement networking

333 views • 30 slides
Recommendation to Protect Your Data in the Future Prof. Dr.-Ing. Tim Gneysu Arbeitsgruppe

Recommendation to Protect Your Data in the Future Prof. Dr.-Ing. Tim Gneysu Arbeitsgruppe

Recommendation to Protect Your Data in the Future Prof. Dr.-Ing. Tim Gneysu Arbeitsgruppe Technische Informatik / IT-Sicherheit (CEITS) LEARNTEC Karlsruhe 27.01.2016 Long-Term Security in the Real World Most IT applications have a

505 views • 18 slides
Protection & Security Tevfik Ko ar University at Buffalo December 6 th , 2011 1 The

Protection & Security Tevfik Ko ar University at Buffalo December 6 th , 2011 1 The

CSE 421/521 - Operating Systems Fall 2011 Lecture - XXVI Protection & Security Tevfik Ko ar University at Buffalo December 6 th , 2011 1 The Security Problem Protecting your system resources, your files, identity, confidentiality,

362 views • 13 slides
Distributed Ledgers Blockchain Technology Michael B. Spring School of Information Sciences

Distributed Ledgers Blockchain Technology Michael B. Spring School of Information Sciences

6/27/2017 Distributed Ledgers Blockchain Technology Michael B. Spring School of Information Sciences University of Pittsburgh spring@pitt.edu The Big Picture Asymmetric Cryptography A Perfect World POW / POS Cryptographic Hashes

733 views • 28 slides
Protecting Against Fault Injection Attacks: from CRT-RSA to all Asymmetric Cryptography Pablo

Protecting Against Fault Injection Attacks: from CRT-RSA to all Asymmetric Cryptography Pablo

Protecting Against Fault Injection Attacks: from CRT-RSA to all Asymmetric Cryptography Pablo Rauzy Sylvain Guilley rauzy@enst.fr guilley@enst.fr pablo.rauzy.name perso.enst.fr/ guilley TELECOM ParisTech CNRS LTCI / COMELEC / SEN S

896 views • 64 slides
srs t

srs t

srs t tr srs

505 views • 28 slides

More recommend